Mutual Authentication and Trust Bootstrapping towards Secure Disk Encryption

The weakest link in software-based full disk encryption is the authentication procedure. Since the master boot record must be present unencrypted in order to launch the decryption of remaining system parts, it can easily be manipulated and infiltrated by bootkits that perform keystroke logging; consequently, password-based authentication schemes become attackable. The current technological response, as enforced by BitLocker, verifies the integrity of the boot process by use of the trusted platform module. But, as we show, this countermeasure is insufficient in practice. We present STARK, the first tamperproof authentication scheme that mutually authenticates the computer and the user in order to resist keylogging during boot. To achieve this, STARK implements trust bootstrapping from a secure token to the whole PC. The secure token is an active USB drive that verifies the integrity of the PC and indicates the verification status by an LED to the user. This way, users can ensure the authenticity of the PC before entering their passwords.
